How to remove the Google redirect virus

What is the Google redirect virus (redirection)?

The Google redirect virus is a very broad term to describe 1. unwarranted redirects to the Google search engine, 2. general browser redirections, often caused by malware categorized as a browser hijackers or other exploitions (may occur when attemping to visit Google.com or use the browser’s address bar) and/or 3. browser redirects that occur when using the Google Chrome internet browser, but please note that the Google redirect virus is a problem for many computer users who may use any internet browser (Firefox, Internet Explorer, Safari, Opera). The Google redirect virus may direct internet users to search engine results pages that may not relate to the user’s search query, as well as dangerous websites that host malware and unethical websites, such as websites that designed to “trick” or ultimately entrap unsuspecting victims to destructive terms. The Google redirect virus may also refer to common browser hijackers and DNS changers that alter system and internet browser settings with or without consent, including the home pages, default, managed, and provided search engines, as well as browser shortcuts and Windows hosts files.

According to experts the most dangerous versions of the Google redirect virus are closely connected to trojan horses that are designed specifically to generate revenue associated with extortion schemes. This particular computer virus is developed to generate web traffic, collect sale leads for other suspicious sites, collect sensitive information (passwords, account names, home address), and may be utilized to promote unethical software, including scareware.

If you are infected with the Google redirect virus or simply want to repair your intenret browser settings and stop redirecting to google.com, or unethical websites such as Snap.do and Delta-Search.com, please use our Google redirect virus removal instructions further below.

The Google redirect virus is in no way associated with Google.com and their partners.

Why am I redirecting to Google.com?

There are several reasons an internet browser may redirect to Google.com detailed below.

Most browsers list Google.com as their default, managed, and provided search engine (as well as homepage), which causes inernet browsers to redirect to Google when a user searches the web using the browser address bar.

Some legitimate and safe websites include Google webmaster tools to incorporate the Google search engine and gain affiliate revenue from advertisements or simply to provide a better search experience for visitors.

An unethical third-party including malicious software may have included Google webmaster tools to incorporate Google Search into their website in order to generate revenue via cost-per-click.

How does the Google redirect virus infect a computer?

The Google redirect virus is mostly caused by a multi-faceted threat likely called TDSS, Alureon or Tidserv. As soon as the backdoor threat gets inside it’s targeted computer system, it restricts the user’s internet browsing ability and disconnects them from many Internet browsing services. As a result of the Google computer virus, you are continuously redirected to various sites that are either harmless commercial websites or dangerous and malicious websites that offer malicious payloads.

Option 1: Windows Uninstall (Manual Uninstall)

1. Access Windows Start Menu and navigate to the Control Panel.

2. Click Uninstall a program or Add and remove a program (depending on your version of Windows).

3. In the list of installed programs search for suspicious programs. Uninstall unwanted software by double clicking the program’s icon, or highlight the program in the list and click the Uninstall button/tab.

Option 2: CCleaner by Piriform (Automated Uninstall)

CCleaner by Piriform

CCleaner can be used to uninstall software that will not uninstall normally (software that is difficult to remove). CCleaner is notorious for removing similar hijackers such as Conduit Search.

2. Once installed, navigate to Tools > Uninstall tab and locate the unwanted software in the list. To automatically uninstall the software click Run Uninstaller.

2. Scan computer for malware (Automated removal)

Malwarebytes Anti-Malware

Malwarebytes Anti-Malware can be used to detect and remove additional and/or third-party malware from your computer system, including malware that may be responsible for symptoms of the Google redirect virus.

2. Once Malwarebytes is installed, run the program. If you are using the free version of Malwarebytes you will be prompted to update the database, please do so.

3. Open the first tab labeled “Scanner” and select the Perform full scan option. Click the Scan button to perform a full system scan. Malwarebytes will automatically detect malware infecting your computer system.

4. Once the full system scan is complete, Malwarebytes may prompt a message stating malicious objects were detected. Select the malicious objects and click the Remove Selected button to completely remove the malicious files from your computer (the image below shows a file that is NOT selected).

3. Automatically repair browser settings (Automated repair)

CCleaner by Piriform

CCleaner can also be used to repair internet browser settings and stop your browser from redirecting to google.com and other websites such as swagbucks.com.

2. Once installed, run the program and navigate to Cleaner > Windows/Applications and click the Analyze button. Afterwards, click the Run Cleaner button on the bottom right of the program interface.

3. Next, navigate to Tools > Startup and search through each tab starting from windows, internet explorer, etc., all the way to Content Menu, for additional suspicious entries and click Disable and Delete once anything is found. Look for anything that may be suspicious or contain “search” in the title or filename.

4. Manually remove unwanted homepage

In Mozilla Firefox navigate to Tools > Options or click Firefox in the top left corner and click Options > Options. Under the General tab remove the unwanted search engnie from the “Home Page:” field and replace it with your preferred home page URL.

In Microsoft Internet Explorer navigate to Tools >Internet Options. Remove the unwanted search engine from the Home Page field and replace it with your preferred URL.

In Google Chrome click the customize icon (wrench or 3 bars) and navigate to Settings.Click “Set pages” under the On startup option. Remove the unwanted search engine and replace it with your preferred URL.

5. Manually remove unwanted search engine

In Mozilla Firefox, click the small search magnify glass near the search box (not url/search field) and click “Manage Search Engines…”. Remove the unwanted search engine from the list of search providers by highlighting the selections and clicking remove.

In Google Chrome, click the customize icon (wrench or 3 bars) and navigate to Settings > Manage search engines… click the X next to the unwanted search engine to remove it.

Please note, If the unwanted search site is set as Google Chrome’s default search engine, add (or select) a new search engine (such as Google.com) and select the new search engine as the default search engine, then remove the unwanted website by clicking the X next to it.

6. Repair Windows hosts file

To open Window’s hosts file open MS Notepad with administrator privileges, by right clicking Notepad and clicking Run as administrator.

Once open, select File > Open and navigate to: C:\Windows\System32\drivers\etc\hosts (You may have to select show “All Files” to locate the hosts file)

If your hosts file was compromised, you will notice additions as projected in the picture below. It is recommended to delete additional content and save your hosts file.

The example additions to the hosts file above would indicate unwarrantedd redirections when attempting to visit botcrawl.com and google.com.

7. Repair Domain Name Server (DNS)

Navigate to Control Panel-> Network Connections -> and select Local Area Connection. Right click on the icon and select Properties.

On the new window select Internet Protocol (TCP/IP or 4) and click Properties.

Another new new Internet Protocol window will appear. Click Obtain an IP address automatically and click OK to save the changes:

8. Repair proxy settings

Google Chrome

Launch Google Chrome and click the Customize and Control Google Chrome icon and select Options.

Under Google Chrome Options select the Under the Hood tab and navigate to Network > Change proxy settings.

In the Internet Properties window, click the Lan settings button > Local Area Network (LAN) Settings

Finally, uncheck the Use Proxy server for your LAN and click OK.

Mozilla Firefox

Launch Mozilla Firefox, and navigate to Tools ->Options. Press Advanced, open the Network tab, and press the Settings button.

Select No proxy or enter parameters that were given by system administrator and press OK.

Microsoft Internet Explorer

Launch Internet Explorer, and navigate to Tools >Internet Options and click theConnections tab. Press Local Area Network (LAN) Settings and unselect everything or enter parameters that were given by system administrator and press OK.